location.href='login.php';";
exit;
}
$user_id = $_SESSION['user_id'];
// Handle message sending
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['message'])) {
$msg = trim($_POST['message']);
if ($msg !== '') {
$stmt = db()->prepare("INSERT INTO messages (user_id, sender, message) VALUES (?, 'user', ?)");
$stmt->execute([$user_id, $msg]);
}
header("Location: chat.php");
exit;
}
// Fetch messages
$stmt = db()->prepare("SELECT * FROM messages WHERE user_id = ? ORDER BY created_at ASC");
$stmt->execute([$user_id]);
$messages = $stmt->fetchAll();
// Mark admin messages as read
$stmt = db()->prepare("UPDATE messages SET is_read = 1 WHERE user_id = ? AND sender = 'admin'");
$stmt->execute([$user_id]);
?>